Sniffing HTTPS Using YAMAS

What is YAMAS?

YAMAS stands for Yet Another Man in the middle Automation Script. YAMAS aims at expediting MITM attacks by automatically setting up the whole attack, from IP forwarding and flushing old and creating new iptables rules to ARP poisoning using arpspoof. Data packets travelling over HTTPS are stripped of their SSL (Secure Sockets Layer) protection by the sslstrip 0.9 tool by Moxie Marlinspike. No other script does that.

Main Features of YAMAS:

It aims at the output of credentials, credentials only, and nothing else.

Credentials from any website will show up.

The script is very user-friendly: just a few clicks and the attack is running.

The dumped credentials are automatically saved in a log file.

The script can be used to attack the whole network, a single target or multiple targets.

NOTE: The script was originally made for the Backtrack operating system only, but it can be modified and made compatible with the Kali Linux operating system as well.

How to Install and Run YAMAS Script

STEP 1: Open your browser in Backtrack 5 and navigate to www.comax.fr/yamas.php. Scroll down, select the download link and download the script.

STEP 2: Save the file. It will be downloaded to the Downloads folder.

STEP 3: Copy yamas.sh from the Downloads folder to the desktop, just to make things simpler.

STEP 4: Change the permissions of yamas.sh.

a) Right-click on yamas.sh and select Properties.

b) Switch to the Permissions tab.

c) Tick the option that allows executing the file as a program.

STEP 5: Run Terminal and type the following commands:

cd Desktop/

./yamas.sh

Press 'y' when prompted.

How to Configure YAMAS

STEP 6: Close the terminal after YAMAS is installed, open another terminal and type yamas.

STEP 7: a) We will be prompted with the following: "To what port should the traffic be redirected to?" The default is 8080. We will keep the default, so just press Enter.

b) Now we have to choose the port from which the traffic will be redirected. We will choose the default port (8080) again and press Enter.

c) Now we have to choose an output filename, i.e. the file in which all the information that we have sniffed will be stored. You can choose any name. I will choose yamaslogs.

d) Now it will ask for the gateway IP address, i.e. the IP address of the router. Here I will choose the default again.

e) Now it will ask you to choose the interface. It will automatically show you the interface, so press Enter.

f) Now it will ask whether we want to attack the whole network. By default it will attack the whole network, but we can also enter the IP address(es) of one or more selected victims.

After you press Enter (either to target the whole network or specific IP address(es)), a new window for passwords and one for ARPspoof will pop up and your ATTACK IS RUNNING. The password window will show you the credentials of users on various sites such as yahoo.com, gmail.com and facebook.com.

Now, suppose your victim logs on to 'yahoomail.com'. SSLStrip has successfully stripped HTTPS to HTTP. YAMAS has stored the credentials in the yamaslogs file which we created before.

In the same way, when the victim logs on to facebook.com, SSLStrip has successfully stripped HTTPS again. YAMAS has again intercepted the data traffic through ARPspoof and stored the credentials.
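The interception above depends on arpspoof making hosts believe the gateway's IP address sits at the attacker's MAC address, and that leaves a trace in the neighbour table of a poisoned host. The following is an added example, not part of the original article or of YAMAS: a shell check over `ip neigh show` output that reports MAC addresses claimed by several IPs and a gateway MAC that differs from a recorded baseline. The sample table, the addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not YAMAS code): flag neighbour-table signs of ARP poisoning.
# Input format is that of `ip neigh show`: "<ip> dev <if> lladdr <mac> <STATE>".

# Constructed sample: gateway 192.168.1.1 shares a MAC with host 192.168.1.23.
SAMPLE_NEIGH='192.168.1.1 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
192.168.1.23 dev eth0 lladdr 00:0c:29:aa:bb:cc STALE
192.168.1.40 dev eth0 lladdr 3c:52:82:11:22:33 REACHABLE
192.168.1.77 dev eth0  FAILED'

# Read a neighbour table on stdin; print one line per MAC claimed by several IPs.
find_shared_macs() {
    awk '{
        mac = ""
        for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next            # FAILED or INCOMPLETE entries carry no MAC
        if (count[mac]++) ips[mac] = ips[mac] "," $1
        else ips[mac] = $1
    }
    END { for (m in count) if (count[m] > 1) print "SHARED_MAC " m " " ips[m] }' | sort
}

# Compare the gateway MAC in the table on stdin with a baseline recorded earlier
# on a known-good network. Args: gateway IP, baseline MAC.
# Returns 0 if they match, 1 if the MAC changed, 2 if the gateway has no entry.
check_gateway() {
    gw="$1"
    baseline="$(printf '%s' "$2" | tr 'A-Z' 'a-z')"
    current="$(awk -v gw="$gw" '$1 == gw {
        for (i = 1; i < NF; i++) if ($i == "lladdr") print tolower($(i + 1))
    }' | head -n 1)"
    if [ -z "$current" ]; then
        echo "GATEWAY_UNKNOWN $gw"; return 2
    fi
    if [ "$current" != "$baseline" ]; then
        echo "GATEWAY_MAC_CHANGED $gw baseline=$baseline current=$current"; return 1
    fi
    echo "GATEWAY_OK $gw $current"
}

# Demo on the constructed sample; the baseline MAC here is also constructed.
printf '%s\n' "$SAMPLE_NEIGH" | find_shared_macs
printf '%s\n' "$SAMPLE_NEIGH" | check_gateway 192.168.1.1 3c:52:82:aa:00:01 || true
```

On a live host, pipe `ip neigh show` into the functions instead of the sample. A shared MAC can also be legitimate (a host with several addresses, proxy ARP), so treat a hit as a lead to verify against the gateway's known MAC.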

About Author

Facebook : https://www.facebook.com/rohan.ahuja.315

Rohan Ahuja is studying engineering at MITS Gwalior and is also a student of Lucideus Tech Pvt. Ltd in the LCCSA batch. His core interests are network security and web space penetration testing.

Lucideus Labs New Delhi

Lucideus Tech Pvt Ltd. C-17 Safdarjung Development Area, Hauz Khas, Opposite IIT Delhi Main Gate, New Delhi, India 110016